<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html xmlns="http://www.w3.org/1999/xhtml">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<title>Booking First-Raiffeisen Response</title>

</head>
<body>

<h1> notify...</h1>


<?php


$MerchantID =isset($_POST['MerchantID']) ? $_POST['MerchantID'] : "";                          //data from our Gateway
$TerminalID = isset($_POST['TerminalID']) ? $_POST['TerminalID'] : "";
$TotalAmount = isset ($_POST['TotalAmount']) ? $_POST['TotalAmount'] : "";
$AltTotalAmount = isset($_POST['AltTotalAmount']) ? $_POST['AltTotalAmount'] : "";
$CurrencyID = isset($_POST['Currency']) ? $_POST['Currency'] : "";
$AltCurrencyID = isset($_POST['AltCurrency']) ? $_POST['AltCurrency'] : "";
$PurchaseTime = isset($_POST['PurchaseTime']) ? $_POST['PurchaseTime'] : "";
$OrderID = isset($_POST['OrderID']) ? $_POST['OrderID'] : "";
$XID = isset($_POST['XID']) ? $_POST['XID'] : "";
$ApprovalCode = isset($_POST['ApprovalCode']) ? $_POST['ApprovalCode'] : "";
$Rrn = isset($_POST['Rrn']) ? $_POST['Rrn'] : "";
$ProxyPan = isset($_POST['ProxyPan']) ? $_POST['ProxyPan'] : "";
$TranCode = isset($_POST['TranCode']) ? $_POST['TranCode'] : "";
$locale = isset($_POST['locale']) ? $_POST['locale'] : "";
$signature = isset($_POST['Signature']) ? $_POST['Signature'] : "";
$SD = isset($_POST['SD']) ? $_POST['SD'] : "";
$Email = isset($_POST['Email']) ? $_POST['Email'] : "";
$Delay = isset($_POST['Delay']) ? $_POST['Delay'] : "";


$fp = fopen("http://booking.first.al/raiffeisen/test-server.cert", "r");
if (!$fp) exit("Certificate is missed:test-server.cert ");
$pub_key = fread($fp, 8192);	
fclose($fp);
$signature = base64_decode($signature); 
if($AltTotalAmount)
{
	$data = "$MerchantID;$TerminalID;$PurchaseTime;$OrderID;$XID;$CurrencyID,$AltCurrencyID;$TotalAmount,$AltTotalAmount;;$TranCode;$ApprovalCode;";
}else{
	$data = "$MerchantID;$TerminalID;$PurchaseTime;$OrderID;$XID;$CurrencyID;$TotalAmount;;$TranCode;$ApprovalCode;";
}
$crtid = openssl_get_publickey($pub_key);

$verify_status = openssl_verify($data, $signature, $crtid); 
openssl_free_key($crtid);

if($verify_status==1)   
{ 
if ($TranCode=='000') { 

$ResponseAction='approve'; 


echo 'Notify: Payment complete successful';
print "MerchantID=".$MerchantID."\n";
print "TerminalID=".$TerminalID."\n";
print "OrderID=".$OrderID."\n";
print "Currency=".$CurrencyID."\n";
print "AltCurrency=".$AltCurrencyID."\n";
print "TotalAmount=".$TotalAmount."\n";
print "AltTotalAmount=".$AltTotalAmount."\n";
print "XID=".$XID."\n";
print "PurchaseTime=".$PurchaseTime."\n";
print "Response.action=".$ResponseAction."\n";
print "Response.reason=".$ResponseReason."\n";
print "Response.forwardUrl=".$forwardUrl."\n";
}

if ($TranCode != "000")  
{	
	if($TranCode == 105){
		echo 'Transaction not allowed by the issuing bank.'; 
	}

	if($TranCode == 116){
		echo 'Shortage of funds.' ;
	} if($TranCode == 101){
		echo 'Wrong expiration date.'; 
	}if($TranCode == 108){
		echo 'Lost or stolen card.'; 
	}
	if($TranCode == 111){
		echo 'Non-existent card.'; 
	}
	if($TranCode == 116){
		echo 'Shortage of funds.'; 
	}
	if($TranCode == 130){
		echo 'Allowed overexpenditure limit exceeded.'; 
	}

	if($TranCode == 290){
		echo 'Issuing bank unavailable.'; }

	if($TranCode == 291){
		echo 'Technical or communication problem.'; 
	}
	if($TranCode == 401){
		echo 'Format error.'; }
 
	if($TranCode == 402){
		echo 'Acquirer/Merchant parameters error.';}

	if($TranCode == 403){
		echo 'Connection with PS source (DS) error.';}

	if($TranCode == 404){
		echo 'Purchaser authentication error.'; }

	if($TranCode == 405){
		echo 'Signature error.'; }
	if($TranCode == 406){
		echo 'Not Acceptable Response.'; }
	if($TranCode == 407){
		echo 'Proxy authentication required.'; }

	if($TranCode == 408){
		echo 'The server timed out waiting for the request.'; }

	if($TranCode == 409){
		echo 'The request was unsuccessful due to a conflict in the state of the resource.'; }

	if($TranCode == 410){
		echo 'The resource requested is no longer available and will not be available again.'; }

	if($TranCode == 411){
		echo 'The request did not specify the length of its content, which is required by the requested resource.'; }

	if($TranCode == 412){
		echo 'The server does not meet one of the preconditions that the requester put on the request.'; }

	if($TranCode == 413){
		echo 'The request is larger than the server is willing or able to process.'; }

	if($TranCode == 420){
		echo ' Method Failure .'; }

	if($TranCode == 421){
		echo 'The service is unavailable due to a connection problem.'; }

	if($TranCode == 430){
		echo 'Not all objects expose an Automation interface.'; }
	if($TranCode == 431){
		echo 'Delivery diverted. Not permitted without  transaction authentication scheme in 3 -D secure.'; }
	if($TranCode == 432){
		echo 'Unassigned.'; }

	if($TranCode == 433){
		echo 'Unassigned.'; }

	if($TranCode == 434){
		echo 'Unassigned.'; }

	if($TranCode == 435){
		echo 'Unassigned.'; }

	if($TranCode == 436){
		echo 'Unassigned.'; }

	if($TranCode == 437){
		echo 'Unassigned.'; }

	if($TranCode == 438){
		echo 'Unassigned.'; }

	if($TranCode == 439 or $TranCode == 440 ){
		echo 'Unassigned.'; }

	if($TranCode == 441){
		echo 'This is an error emanating from your server indicating that the recipient’s server is not responding.'; }

	if($TranCode == 450){
		echo 'Blocked By Windows Parental Controls.'; }

	if($TranCode == 501){
		echo 'The server either does not recognise the request method, or it lacks the ability to fulfill the request.'; }

	if($TranCode == 502){
		echo 'The Uniform Resource Locator (URL) does not use a recognized protocol.'; }

	if($TranCode == 503){
		echo 'The Web server is currently unable to handle the HTTP request due to a temporary overloading or maintenance of the server.'; }

	if($TranCode == 504){
		echo 'Gateway Timeout.'; }
	
	if($TranCode == 505){
		echo 'HTTP Version Not Supported.'; }

	if($TranCode == 506){
		echo 'Time of payment for <<Preauthorisation>> transaction is over.'; }

	if($TranCode == 507){
		echo 'Payment for <<Preauthorisation>> transaction was made before.'; }

	if($TranCode == 508){
		echo 'Wrong amount for payment, value is wrong or 20% more than the initial transaction.'; }

	if($TranCode == 509){
		echo 'Unassigned.'; } 

	if($TranCode == 510){
		echo 'Not Extended.'; } 

	if($TranCode == 511){
		echo 'Network Authentication Required	.'; } 

	if($TranCode == 509){
		echo 'Unassigned.'; } 

	if($TranCode == 601){
		echo 'Unassigned.'; } 

	$ResponseAction = 'reverse';
	$ResponseReason = 'transaction failed';


	}

}else{
	$ResponseAction = 'error';
	$ResponseReason = 'signature not valid';
		echo "signatura is not valid.";
}

?>

</body> 
</html>